<?php 
	require_once("connector.php");
	require_once("baseobj.php");
	
	class User extends BaseObj {
		public $UserId = 0;
		public $Email = "";
		public $RoleId = 0;
		public static $Select = "SELECT USERID, EMAIL, PWD, ROLEID, to_char(CREATED,'MM/DD/YYYY HH24:MI') CREATED, to_char(MODIFIED,'MM/DD/YYYY HH24:MI') MODIFIED FROM USERS";
		
		public function __construct() { 
			
		}
		
		public function changePassword($pwd){ 
			$sql = "UPDATE Users SET Pwd = :pwd WHERE UserId = :userId";
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			oci_bind_by_name($stmt, ':pwd', $pwd);
			oci_bind_by_name($stmt, ':userId', $this->UserId);
			$cnt = oci_execute($stmt);
			oci_free_statement($stmt);
			oci_close($conn);
		}
		
		public function delete() {
			$sql = "DELETE FROM USERS WHERE UserId = :userid";
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			oci_bind_by_name($stmt, ':userid', $this->UserId);
			$cnt = oci_execute($stmt);
			oci_free_statement($stmt);
			oci_close($conn);
		}
		
		public static function emailPwd($email) {
			$ok = FALSE;
			$sql = "SELECT Pwd FROM USERS WHERE Email = :email";
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			oci_bind_by_name($stmt, ':email', $email);
			$cnt = oci_execute($stmt);			
			if($cnt > 0) {
				$ok = TRUE;
				$row = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS);				
				$pwd = $row["PWD"];
				if($pwd == null || $pwd = "") {
					$ok = FALSE;
				}
			}			
			oci_free_statement($stmt);
			oci_close($conn);
			
			if($ok == TRUE){
				$ok = mail($email, "Password Request", "Your password is $pwd.");
			}
			
			return $ok;
		}
		
		public static function get($email, $pwd) {
			$sql = User::$Select." WHERE Email = :email AND Pwd = :pwd";
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			oci_bind_by_name($stmt, ':email', $email);
			oci_bind_by_name($stmt, ':pwd', $pwd);
			$u = null;
			$cnt = oci_execute($stmt);			
			if($cnt > 0) {				
				$row = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS);				
				$u = new User();
				$u->load($row);
			}			
			oci_free_statement($stmt);
			oci_close($conn);
			
			return $u;
		}
		
		public static function getAllUsers(){ 
			$arr = array();
			$i = 0;
			$sql = User::$Select." ORDER BY Email";
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			
			$cnt = oci_execute($stmt);
			$u = null;
			if($cnt > 0) {				
				while($row = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS)) {
					$u = new User();
					$u->load($row);
					$arr[$i] = $u;
					$i++;
				}
			}			
			oci_free_statement($stmt);
			oci_close($conn);
			
			return $arr;
		}
		
		public static function getByUserId($userId){
			$u = null;
			
			if($userId == 0) { 
				$u = new User();
			}
			else {
				$i = 0;
				$sql = User::$Select." WHERE UserId = :userId";
				$conn = createConn();
				$stmt = oci_parse($conn, $sql);
				oci_bind_by_name($stmt, ':userId', $userId);

				$cnt = oci_execute($stmt);
				
				if($cnt > 0) {				
					while($row = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS)) {
						$u = new User();
						$u->load($row);
						$arr[$i] = $u;
						$i++;
					}
				}			
				oci_free_statement($stmt);
				oci_close($conn);
			}
			
			return $u;
		}
		
		public function load($row){			
			$this->UserId = $row["USERID"];
			$this->Email = $row["EMAIL"];
			$this->Pwd = $row["PWD"];
			$this->RoleId = $row["ROLEID"];
			$this->Created = new DateTime($row["CREATED"]);
			$this->Modified = new DateTime($row["MODIFIED"]);
		}
		
		public static function nextId() {
			$sql = "SELECT seq.nextval FROM Dual"; 
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			oci_execute($stmt);
			$row = oci_fetch_array($stmt, OCI_ASSOC+OCI_RETURN_NULLS);
			$v = $row["NEXTVAL"];
			oci_free_statement($stmt);
			oci_close($conn);
			return $v;
		}
		
		public function resetPwd($length=8) { 
			// start with a blank password
			$password = "";

			// define possible characters - any character in this string can be
			// picked for use in the password, so if you want to put vowels back in
			// or add special characters such as exclamation marks, this is where
			// you should do it
			$possible = "2346789bcdfghjkmnpqrtvwxyzBCDFGHJKLMNPQRTVWXYZ";

			// we refer to the length of $possible a few times, so let's grab it now
			$maxlength = strlen($possible);

			// check for length overflow and truncate if necessary
			if ($length > $maxlength) {
				$length = $maxlength;
			}

			// set up a counter for how many characters are in the password so far
			$i = 0; 

			// add random characters to $password until $length is reached
			while ($i < $length) { 
				// pick a random character from the possible ones
				$char = substr($possible, mt_rand(0, $maxlength-1), 1);

				// have we already used this character in $password?
				if (!strstr($password, $char)) { 
					// no, so it's OK to add it onto the end of whatever we've already got...
					$password .= $char;
					// ... and increase the counter by one
					$i++;
				}
			}

			// done!
			return $password;
		}
		
		public function save() {
			$sql = null;
			
			$this->Modified = new DateTime();
			
			if($this->UserId == null || $this->UserId == 0) {
				$this->UserId = User::nextId();
				$this->Pwd = $this->resetPwd();
				$sql = "INSERT INTO Users (UserId, Email, Pwd, RoleId) 
				        VALUES (:userId, :email, :pwd, :roleId)";
			}
			else {  				
				$sql = "UPDATE Users 
						SET Email = :email, 
							Pwd = :pwd, 
							RoleId = :roleId,
							Modified = :modd
						WHERE UserId = :userId";
			}
			$f = $this->nowStr();
			$conn = createConn();
			$stmt = oci_parse($conn, $sql);
			oci_bind_by_name($stmt, ':userId', $this->UserId);
			oci_bind_by_name($stmt, ':email', $this->Email);
			oci_bind_by_name($stmt, ':pwd', $this->Pwd);
			oci_bind_by_name($stmt, ':roleId', $this->RoleId);
			oci_bind_by_name($stmt, ':modd', $f);
			$cnt = oci_execute($stmt);
			oci_free_statement($stmt);
			oci_close($conn);
			
			return $cnt > 0;
		}
	}
?>